Android OS has shaken up the mobile market in many ways. The Google’s ‘open source’ platform has already overtaken Apple in terms of both mobile market share and in terms of the number of apps in their appstore. However, all is not well with Android. With growing popularity, Android is also becoming a target for malware writers and cyber criminals. According to Juniper Networks’ latest released, samples of malware strains targeting devices running the Android operating system increased 400% between June of 2010 and January of 2011.
“These findings reflect a perfect storm of users who are either uneducated on or disinterested in security, downloading readily available applications from unknown and unvetted sources in the complete absence of mobile device security solutions,” said Dan Hoffman, chief mobile security evangelist at Juniper Networks.
“Mobile malware attacks and other exploits are no longer just theoretical occurrences discussed by security researchers and vendors keen on cashing in on a projected market. The threats to mobile devices are real — and reach far beyond simple viruses to include malware, loss and theft, data communication interception, exploitation and misconduct, and direct attacks. This report details specific attack vectors on mobile devices over the past year, defines new and emerging mobile threats expected in 2011, and gives mobile users practical advice to protect themselves from malicious attacks,” the report abstract states.
The report notes that there needs to be an increase in diligence by those who approve applications for distribution in the marketplace, as well as more proactive security efforts on the part of consumers.
Other key findings in the Juniper report include:
App store anxiety: The single greatest distribution point for mobile malware is application download, yet the vast majority of smartphone users are not employing an antivirus solution on their mobile device to scan for malware.
Wi-Fi worries: Mobile devices are increasingly susceptible to Wi-Fi attacks, including applications that enable an attacker to easily log into victim email and social networking applications.
The text threat: 17 percent of all reported infections were due to SMS trojans that sent SMS messages to premium rate numbers, often at irretrievable cost to the user or enterprise.
Device loss and theft: 1 in 20 Juniper customer devices were lost or stolen, requiring locate, lock or wipe commands to be issued.
Risky teen behavior: 20 percent of all teens admit sending inappropriate or explicit material from a mobile device.
“Droid Distress”: The number of Android malware attacks increased 400 percent since Summer 2010.
“App store processes of reactively removing applications identified as malicious after they have been installed by thousands of users is insufficient as a means to control malware proliferation. There are specifics steps users must take to mitigate mobile attacks. Both enterprises and consumers alike need to be aware of the growing risks associated with the convenience of having the Internet in the palm of your hand,” Hoffman added.
Infosec India 